Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: RE: [LinkSec] Requirements

To: <stds-802-linksec@ieee.org>
Subject: RE: RE: [LinkSec] Requirements
From: "Nelson, David" <dnelson@enterasys.com>
Date: Thu, 12 Dec 2002 11:57:48 -0500
Sender: owner-stds-802-linksec@majordomo.ieee.org
Thread-Index: AcKh/QIWbci0VVRoTxCLy3j+ZF0RcgAAjayQ
Thread-Topic: RE: [LinkSec] Requirements


Clint Chaplin writes...

> And yet, the real problem is that the MAC address is not 
> fixed, and can easily be spoofed.

Yes, and that will be detected when the decryption fails
(assuming per-session keys).  The issue is not to rely on 
source MAC address as proof of identity, but as a convenient
assertion of identity to be used as a screen for unauthorized
packets and a label to look up a security association (e.g. 
encryption and MIC keys).

Prev by Date: RE: [LinkSec] Requirements
Next by Date: Re: RE: [LinkSec] Requirements
Prev by thread: Re: RE: [LinkSec] Requirements
Next by thread: RE: [LinkSec] Requirements
Index(es):
- Date
- Thread